Francesco Gazzetta
1009ec8796
tclPackages: init
2024-10-26 16:23:15 +00:00
Silvan Mosberger
5bbbc3a30b
workflows: Rename after security fixes
...
In the previous two commits, security issues with these workflows were
fixed. In order for these to not be exploitable for PRs to branches that
don't have the fixes yet (including read-only branches like
nixos-unstable), these workflows are renamed, so that the old ones can
be turned off manually via GitHub interface.
Co-Authored-By: 13x1 <tori@disroot.org>
Co-Authored-By: basti564 <e3e@disroot.org>
2024-10-26 15:30:52 +02:00
Silvan Mosberger
6b8ce4aedf
workflows: Fix security issues
...
read-all permissions gives access to e.g. security-events, which these
don't need, and can easily lead to leaks
Co-Authored-By: 13x1 <tori@disroot.org>
Co-Authored-By: basti564 <e3e@disroot.org>
2024-10-26 15:03:37 +02:00
Silvan Mosberger
59aee1ca5d
workflows/codeowners: Fix security issue
...
Co-Authored-By: 13x1 <tori@disroot.org>
Co-Authored-By: basti564 <e3e@disroot.org>
2024-10-26 15:01:12 +02:00
Victor Engmark
54e4669c75
docs: Clarify how to provide technical details/metadata
...
`nix-info -m` outputs Markdown, so it makes more sense to include it in
issues verbatim than within a preformatted code block.
Co-authored-by: Gavin John <gavinnjohn@gmail.com>
2024-10-25 10:12:44 +02:00
Cole Helbling
705fdd9ccc
ci/basic-eval: check that flake outputs are valid
2024-10-16 08:49:28 -07:00
zowoq
f30a046672
.github/workflows: remove update-terraform-providers
...
semi-broken, will try using r-ryantm bot for updates instead
2024-10-16 17:20:57 +10:00
dependabot[bot]
f3143a7eda
build(deps): bump actions/checkout from 4.2.0 to 4.2.1
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 4.2.0 to 4.2.1.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](d632683dd7...eef61447b9
)
---
updated-dependencies:
- dependency-name: actions/checkout
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-10-14 11:35:32 +00:00
Philip Taron
d6d9c6125a
Improve PR merge check for CI ( #347786 )
2024-10-12 09:11:24 -07:00
Silvan Mosberger
7f9d297838
workflows/nixpkgs-vet: Make merge check script reusable
...
This is useful for other workflows as well. Originally I thought it
couldn't be put in the repo, but it can (just needs another checkout)
2024-10-12 03:58:39 +02:00
Silvan Mosberger
f9b28d5678
workflows/codeowners: Cache codeowner validator build
...
The codeowner-validator build declared in ci/codeowners-validator was
not cached before and needed to be built for every PR, which is slow and
wasteful: https://github.com/NixOS/nixpkgs/actions/runs/11280533037/job/31373720922
2024-10-10 21:21:22 +02:00
Silvan Mosberger
b01ca00aed
CODEOWNERS: Switch to alternate mechanism
...
This effectively disables the native GitHub codeowners feature
and enables the new alternate codeowners mechanism introduced in
https://github.com/NixOS/nixpkgs/pull/336261
This means that:
- We can now declare users without write access as code owners!
- Targeting the wrong branch won't trigger mass pings anymore!
2024-10-10 01:40:05 +02:00
Silvan Mosberger
c1710f234c
workflows/codeowners: Dry mode for now
...
Apparently it started requesting reviews from code owners already
because the DRY_MODE from the global env was overridden in the local job
declaration: https://github.com/NixOS/nixpkgs/pull/347354#event-14570645380
2024-10-09 18:34:34 +02:00
Silvan Mosberger
dd2808213c
CODEOWNERS: Fix non-matching patterns
...
Since https://github.com/NixOS/nixpkgs/pull/336261 we have CI that
checks that the codeowners file is valid:
https://github.com/NixOS/nixpkgs/actions/runs/11243668280/job/31260095472#step:7:34
Which files are correct (or whether they were removed) was determined
using the Git history and some grepping
2024-10-08 23:25:08 +02:00
Philip Taron
ecf10b087d
Alternate more flexible code owners mechanism, soon to avoid mass pings ( #336261 )
2024-10-08 13:58:11 -07:00
Silvan Mosberger
93dcd42f2b
OWNERS: placeholder init
2024-10-08 22:23:25 +02:00
Silvan Mosberger
87a2986c1a
workflows/codeowners: init
2024-10-08 22:23:23 +02:00
dependabot[bot]
557d69a3d0
build(deps): bump cachix/install-nix-action from 29 to 30
...
Bumps [cachix/install-nix-action](https://github.com/cachix/install-nix-action ) from 29 to 30.
- [Release notes](https://github.com/cachix/install-nix-action/releases )
- [Commits](9f70348d77...08dcb3a5e6
)
---
updated-dependencies:
- dependency-name: cachix/install-nix-action
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-10-07 11:17:58 +00:00
Fernando Rodrigues
b1cb7f4ce8
.github/labeler.yml: edit the xen-project label to reflect the new paths.
...
Signed-off-by: Fernando Rodrigues <alpha@sigmasquadron.net>
2024-10-06 20:24:28 +00:00
Silvan Mosberger
442f93b721
github/PULL_REQUEST_TEMPLATE: replace first heading with comment ( #345035 )
2024-10-01 02:03:45 +02:00
dependabot[bot]
b93144cbc0
build(deps): bump actions/checkout from 4.1.7 to 4.2.0
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 4.1.7 to 4.2.0.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](692973e3d9...d632683dd7
)
---
updated-dependencies:
- dependency-name: actions/checkout
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-09-30 12:02:46 +00:00
dependabot[bot]
7816a35ee7
build(deps): bump cachix/install-nix-action from 27 to 29
...
Bumps [cachix/install-nix-action](https://github.com/cachix/install-nix-action ) from 27 to 29.
- [Release notes](https://github.com/cachix/install-nix-action/releases )
- [Commits](ba0dd844c9...9f70348d77
)
---
updated-dependencies:
- dependency-name: cachix/install-nix-action
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-09-30 11:58:38 +00:00
Fernando Rodrigues
44d65c61b3
.github/labeler.yml: xen -> xen-project
...
Signed-off-by: Fernando Rodrigues <alpha@sigmasquadron.net>
2024-09-28 14:51:12 +00:00
Atemu
347255a29a
github/PULL_REQUEST_TEMPLATE: replace first heading with comment
...
When creating a PR from a branch that only adds a single commit, this heading
would always jankily be left *below* the actual commit message because github
simply inserts the commit message before the template.
The heading also only served as a light call to action whereas the comment is
rather explicit in asking the PR author to provide a proper PR description.
2024-09-28 08:51:44 +02:00
Pol Dellaiera
cf88e010f7
.github/labeler.yml: label Xen-related pull requests ( #344329 )
2024-09-26 22:02:29 +02:00
Will Fancher
c4594ed779
CODEOWNERS: Add ElvishJerricco to ISO image. ( #344537 )
2024-09-25 23:10:48 -04:00
Will Fancher
1908a62e49
CODEOWNERS: Add ElvishJerricco to ISO image.
2024-09-25 18:12:12 -04:00
Fernando Rodrigues
dbb7797d4e
.github/labeler.yml: label Xen-related pull requests
...
Some things must still be labeled manually (notably, qemu_xen and
specific kernel changes), but these should be pretty infrequent.
Signed-off-by: Fernando Rodrigues <alpha@sigmasquadron.net>
2024-09-25 00:40:02 +00:00
Alyssa Ross
21315e31f8
CODEOWNERS: add myself to LLVM
2024-09-23 21:09:59 +02:00
Emily
2e00bfd393
nixos: remove environment.noXlibs ( #341717 )
2024-09-22 16:25:00 +01:00
Peder Bergebakken Sundt
447d1edf50
.github/labeler.yml: mark CONTRIBUTING.md and README's for "policy discussion"
2024-09-18 02:45:57 +02:00
dependabot[bot]
d8f973058b
build(deps): bump peter-evans/create-pull-request from 7.0.1 to 7.0.3
...
Bumps [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request ) from 7.0.1 to 7.0.3.
- [Release notes](https://github.com/peter-evans/create-pull-request/releases )
- [Commits](8867c4aba1...6cd32fd936
)
---
updated-dependencies:
- dependency-name: peter-evans/create-pull-request
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-09-16 11:06:39 +00:00
Matt Moriarity
768db4009e
nixos: remove environment.noXlibs
2024-09-15 07:51:45 -06:00
github-actions[bot]
f3e8528ff7
Merge master into staging-next
2024-09-09 14:31:17 +00:00
dependabot[bot]
02e7ca9482
build(deps): bump peter-evans/create-pull-request from 6.1.0 to 7.0.1
...
Bumps [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request ) from 6.1.0 to 7.0.1.
- [Release notes](https://github.com/peter-evans/create-pull-request/releases )
- [Commits](c5a7806660...8867c4aba1
)
---
updated-dependencies:
- dependency-name: peter-evans/create-pull-request
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-09-09 11:37:51 +00:00
K900
23b4832da0
Merge remote-tracking branch 'origin/master' into staging-next
2024-09-04 08:53:48 +03:00
Philip Taron
cc45e69475
.github: continue finessing the text and names for nixpkgs-vet
2024-09-03 14:13:13 -07:00
Philip Taron
89cbfde96d
nixpkgs-vet: update CI, docs, and release to 0.1.4
...
Everything gets moved into the `ci/` top-level directory.
We keep behind `maintainers/scripts/check-by-name.sh` and `pkgs/test/check-by-name/pinned-version.txt` as they are going to cause CI errors and confusion until we get all the way through the various channels.
They'll be removed in about a week or so.
2024-09-03 13:53:25 -07:00
github-actions[bot]
46a57b6e9d
Merge master into staging-next
2024-09-02 06:04:55 +00:00
Fabián Heredia Montiel
ae612969f4
CODEOWNERS: add mattpolzin for idris2Packages ( #337967 )
2024-09-01 19:51:30 -06:00
github-actions[bot]
eacf5283f3
Merge staging-next into staging
2024-08-29 18:04:46 +00:00
Philip Taron
b305dc2006
workflows/check-by-name: Mention who to ping for trouble ( #337120 )
2024-08-29 05:57:28 -07:00
Anderson Torres
32897dce90
CODEOWNERS: update ownership for installShellFiles
...
Since Ericson2314 is the original codeowner of the files.
2024-08-28 19:56:16 -03:00
Mathew Polzin
0f8ef96fa1
CODEOWNERS: add mattpolzin for idris2Packages
2024-08-28 11:19:10 -05:00
Silvan Mosberger
32b96d3449
workflows/check-by-name: Mention who to ping for trouble
...
The check-by-name team can't be looking through all PRs to see if anybody
is struggling.
2024-08-25 01:18:11 +02:00
Silvan Mosberger
e120425bb2
workflows/check-nix-format: Mention who to ping for trouble
...
The formatting team can't be looking through all PRs to see if anybody
is struggling.
2024-08-25 01:12:25 +02:00
Emily
bb9c3eec48
CODEOWNERS: add myself to ACME
...
The comment is no longer accurate 🎉 (But @m1cr0man really ought
to have the commit bit as well…)
I don’t actively use the NixOS ACME implementation these days, but
I think I have enough experience and relevant knowledge from my past
contributions to the module and general ACME know‐how to contribute
to reviews and help avoid kerfuffles like the recent issue that broke
everyone’s ACME accounts.
2024-08-22 19:53:50 +01:00
Jörg Thalheim
b6c51f7884
nix: add nix-team to CODEOWNERS
...
Update .github/CODEOWNERS
Co-authored-by: Robert Hensing <roberth@users.noreply.github.com>
2024-08-22 14:28:03 +02:00
Silvan Mosberger
91add64d00
workflows/check-nix-format: Better nix-shell
message
...
As [suggested](https://github.com/NixOS/nixpkgs/pull/334286#issuecomment-2286131096 ) by @nh2
2024-08-19 16:26:54 +02:00
Michael Lohmann
168e66ac81
github/PULL_REQUEST_TEMPLATE: fix link to linking tests
...
The under the old link there was only a hint that it was moved to the
new location, so we can get rid of this indirection
2024-08-19 15:39:33 +02:00